fix(deps): update dependency com.google.auth:google-auth-library-oauth2-http to v1

[renovate-bot]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
com.google.auth:google-auth-library-oauth2-http	0.9.1 -> 1.32.1

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

googleapis/google-auth-library-java (com.google.auth:google-auth-library-oauth2-http)

v1.32.1

Bug Fixes

• Add cab-token-generator module to Auth BOM (#​1662) (e409b02)
• Remove unnecessary nexus-staging-maven-plugin activation (#​1665) (d138023)

Dependencies

• Update dependency com.google.http-client:google-http-client-bom to v1.46.0 (e53c441)

Documentation

• Update README with client-side CAB instructions (#​1607) (#​1666) (2996297)

v1.32.0

Features

• Introduce Client-Side Credential Access Boundary (CAB) functionality (#​1629) (f481123)

Bug Fixes

• Handle 404 and non 200 Status Code from MDS Identity Token calls (#​1636) (152c851)
• Respect token_uri from json in UserCredentials creation. (#​1630) (f92cc4f)

Documentation

• Re-organize the README + Add a section on migrating to GoogleCredentials (#​1644) (30b26b2)

v1.31.0

Compare Source

Features

• ImpersonatedCredentials to support universe domain for idtoken and signblob (#​1566) (adc2ff3)
• Support transport and binding-enforcement MDS parameters. (#​1558) (9828a8e)

Documentation

• Promote use of bill of materials in quickstart documentation (#​1620) (fc20d9c), closes #​1552

v1.30.1

Compare Source

Bug Fixes

• JSON parsing of S2A addresses. (#​1589) (9d5ebfe)

v1.30.0

Compare Source

Features

• Support querying S2A Addresses from MDS (#​1400) (df06bd1)

Bug Fixes

• Make it explicit that there is a network call to MDS to get SecureSessionAgentConfig (#​1573) (18020fe)

v1.29.0

Compare Source

Features

• Service sccount to service account impersonation to support universe domain (#​1528) (c498ccf)

Bug Fixes

• Make some enum fields final (#​1526) (8920155)

v1.28.0

Compare Source

Features

• Add metric headers (#​1503) (7f0c1d3)

v1.27.0

Compare Source

Features

• Add api key credential as client library authorization type (#​1483) (6401e51)

v1.26.0

Compare Source

Features

• Updates UserAuthorizer to support retrieving token response directly with different client auth types (#​1486) (1651006)

v1.25.0

Compare Source

Features

• Support retrieving ID Token from IAM endpoint for ServiceAccountCredentials (#​1433) (4fcf83e)

Bug Fixes

• ComputeEngineCredentials.createScoped should invalidate existing AccessToken (#​1428) (079a065)
• Invalidate the SA's AccessToken when createScoped() is called (#​1489) (f26fee7)

v1.24.1

Compare Source

Bug Fixes

• Retry sign blob call with exponential backoff (#​1452) (d42f30a)

v1.24.0

Compare Source

Features

• [java] allow passing libraries_bom_version from env (#​1967) (#​1407) (d92b421)
• Next release from main branch is 1.21.0 (#​1372) (23c3cbe)

Bug Fixes

• Makes default token url universe aware (#​1383) (e3caf05)
• Remove Base64 padding in DefaultPKCEProvider (#​1375) (1405378)

Documentation

• Add supplier sections to table of contents (#​1371) (9e11763)
• Adds docs for supplier based external account credentials (#​1362) (bd898c6)
• Fix readme documentation for workload custom suppliers. (#​1382) (75bd749)

v1.23.0

Compare Source

Features

• Add context object to pass to supplier functions (#​1363) (1d9efc7)
• Adds support for user defined subject token suppliers in AWSCredentials and IdentityPoolCredentials (#​1336) (64ce8a1)
• Adds universe domain for DownscopedCredentials and ExternalAccountAuthorizedUserCredentials (#​1355) (17ef707)
• Modify the refresh window to match go/async-token-refresh. Serverless tokens are cached until 4 minutes before expiration, so 4 minutes is the ideal refresh window. (#​1352) (a7a8d7a)

Bug Fixes

• Add missing copyright header (#​1364) (a24e563)
• Issue #​1347: ExternalAccountCredentials serialization is broken (#​1358) (e3a2e9c)
• Refactor compute and cloudshell credentials to pass quota project to base class (#​1284) (fb75239)

v1.22.0

Compare Source

Features

• Adds universe domain support for compute credentials (#​1346) (7e26861)

Bug Fixes

• Handle error-prone warnings (#​1334) (927cad8)

v1.21.0

Compare Source

Features

• Add code sample and test for getting an access token from an impersonated SA (#​1289) (826ee40)
• Multi universe support, adding universe_domain field (#​1282) (7eb322e)

Bug Fixes

• Remove -Xlint:unchecked, suppress all existing violations, add @​CanIgnoreReturnValue (#​1324) (04dfd40)

Documentation

• Update README.md to link to Cloud authentication documentation rather than AIPs (98fc7e1)

v1.20.0

Compare Source

Features

• Byoid metrics framework (#​1232) (38bdf60)

Bug Fixes

• Make derived classes of CredentialSource public (#​1236) (9bb9e0a)

Documentation

• Update library definitions in README to the latest version (#​1239) (0c5cff2)

v1.19.0

Compare Source

Features

• Expose test-jar and mock classes in oauth2 (12e8db6)

v1.18.0

Compare Source

Features

• Introduce a way to pass additional parameters to auhtorization url (#​1134) (3a2c5d3)

v1.17.0

Features

• Adds universe_domain to external account creds (#​1199) (608ee87)
• Expose method to manually obtain ADC from gcloud CLI well-known… (#​1188) (2fa9d52)
• Updating readme for external account authorized user credentials (#​1200) (bf25574)

Bug Fixes

• Do not expose universe_domain yet (#​1206) (9cce49c)
• Improve errors and warnings related to ADC (#​1172) (6d2251c)
• Marking 503 as retryable for Compute credentials (#​1205) (8ea9445)

v1.16.1

Bug Fixes

• Make supporting classes of AwsCredentials serializable (#​1113) (82bf871)
• Remove AWS credential source validation. (#​1177) (77a99c9)

v1.16.0

Features

• Add PKCE to 3LO exchange. (#​1146) (5bf606b)

Bug Fixes

• Create and reuse self signed jwt creds for better performance (#​1154) (eaaa8e8)
• Java doc for DefaultPKCEProvider.java (#​1148) (154c127)
• Removed url pattern validation for google urls in external account credential configurations (#​1150) (35495b1)

Documentation

• Clarified Maven artifact for HTTP-based clients (#​1136) (b49fc13)

v1.15.0

Features

• Adds external account authorized user credentials (#​1129) (06bf21a)
• Expose scopes granted by user (#​1107) (240c26b)

Bug Fixes

• AccessToken scopes clean serialization and default as empty list (#​1125) (f55d41f)
• Enforce Locale.US for AwsRequestSignerTest (#​1111) (aeb1218)
• Ensure both refreshMargin and expirationMargin are set when using OAuth2CredentialsWithRefresh (#​1131) (326e4a1)

v1.14.0

Features

• Add GDCH support (#​1087) (cfafb2d)
• Adding functional tests for Compute Engine (#​1105) (6f32ac3)
• Introduce Environment Variable for Quota Project Id (#​1082) (040acef)
• Next release from main branch is 1.13.0 (#​1077) (d56eee0)

Bug Fixes

• AwsCredentials should not call metadata server if security creds and region are retrievable through environment vars (#​1100) (1ff5772)
• Not loosing the access token when calling UserCredentials#ToBuil… (#​993) (84afdb8)

v1.13.0

Features

• Add smbios check for GCE residency detection (#​1092) (bfe7d93)

Bug Fixes

• Empty string check for aws url validation (#​1089) (6f177a1)
• Validate url domain for aws metadata urls (#​1079) (31fe461)

v1.12.2

Bug Fixes

• Create and reuse self signed jwt creds for better performance (#​1154) (#​1166) (87f4cb8)

v1.12.1

Bug Fixes

• Resolve race condition reported in #​692 (#​1031) (87a6606)

v1.12.0

Features

• Adding validation for psc endpoints (#​1042) (b37a565)

Bug Fixes

• Fixed javadoc errors (#​945) (1ddc994)

Documentation

• samples: Modified comments in the samples and minor refactor (#​990) (669ab04)

v1.11.0

Features

• Adds configurable token lifetime support (#​982) (0198733)

Bug Fixes

• Add retries to public key fetch (#​983) (1200a39)
• Add Test to validate 0x20 in token (#​971) (612db0a)
• Change revoke request from get to post (#​979) (ead58b2)
• Setting the retry count to default value and enabling ioexceptions to retry (#​988) (257071a)
• Updates IdTokenVerifier so that it does not cache a failed public key response (#​967) (1f4c9c7)

v1.10.0

Features

• workforce identity federation for pluggable auth (#​959) (7f2c535)

Bug Fixes

• updates executable response spec for executable-sourced credentials (#​955) (48ff83d)

Documentation

• samples: added auth samples and tests (#​927) (32c717f)

v1.9.0

Features

• integration tests for pluggable auth (#​939) (22f37aa)

Bug Fixes

• expiration time of the ImpersonatedCredentials token depending on the current host's timezone (#​932) (73af08a)

Documentation

• update wif documentation with enable-imdsv2 flag (#​940) (acc1ce3)

v1.8.1

Bug Fixes

• enable longpaths support for windows test (#​1485) (#​943) (c21ec6c)

v1.8.0

Features

• add build scripts for native image testing in Java 17 (#​1440) (#​923) (bbb51ce)
• Adds Pluggable Auth support (WIF) (#​908) (c3e8d16)

Documentation

• updates README for Pluggable Auth (#​921) (23716b8)

v1.7.0

Features

• Add ability to provide PrivateKey as Pkcs8 encoded string #​883 (#​889) (e0d6996)
• Add iam endpoint override to ImpersonatedCredentials (#​910) (97bfc4c)

Bug Fixes

• update branding in ExternalAccountCredentials (#​893) (0200dbb)

v1.6.1

Bug Fixes

• Create and reuse self signed jwt creds for better performance (#​1164) (4eb1143)

v1.6.0

Features

• Add AWS Session Token to Metadata Requests (#​850) (577e9a5)

Bug Fixes

• ImmutableSet converted to List for Impersonated Credentials (#​732) (7dcd549)
• update library docs (#​868) (a081015)

1.5.3 (2022-02-24)

Bug Fixes

• ci: downgrade nexus-staging-maven-plugin to 1.6.8 (#​874) (fc331d4)

1.5.2 (2022-02-24)

Bug Fixes

• downgrading nexus staging plugin 1.6.8 (#​871) (e87224c)

1.5.1 (2022-02-22)

Bug Fixes

• deps: update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.3.2 (#​852) (aa557c7)

v1.5.3

v1.4.0

Features

• setting the audience to always point to google token endpoint (#​833) (33bfe7a)

Bug Fixes

• (WIF) remove erroneous check for the subject token field name for text credential source (#​822) (6d35c68)
• java: add -ntp flag to native image testing command (#​1299) (#​807) (aa6654a)
• java: run Maven in plain console-friendly mode (#​1301) (#​818) (4df45d0)

v1.3.0

Features

• next release from main branch is 1.3.0 (#​780) (1149581)

Bug Fixes

• java: java 17 dependency arguments (#​1266) (#​779) (9160a53)
• service account impersonation with workforce credentials (#​770) (6449ef0)

1.2.2 (2021-10-20)

Bug Fixes

• environment variable is "AWS_SESSION_TOKEN" and not "Token" (#​772) (c8c3073)

1.2.1 (2021-10-11)

Bug Fixes

• disabling self-signed jwt for domain wide delegation (#​754) (ac70a27)

v1.2.2

v1.2.1

v1.2.0

Features

• add support for Workforce Pools (#​729) (5f3fed7)

Bug Fixes

• allow empty workforce_pool_user_project (#​752) (e1cbce1)
• timing of stale token refreshes on ComputeEngine (#​749) (c813d55)
• workforce audience (#​741) (a08cacc)

v1.1.0

Features

• downscoping with credential access boundaries (#​702) (aa7ede1)

Bug Fixes

• add validation for the token URL and service account impersonation URL for Workload Identity Federation (#​717) (23cb8ef)

Documentation

• updates README for downscoping with CAB (#​716) (68bceba)

v1.0.0

⚠ BREAKING CHANGES

• updating google-auth-library-java min Java version to 1.8

Features

• GA release of google-auth-library-java (ver 1.0.0) (#​704) (3d9874f)
• updating google-auth-library-java min Java version to 1.8 (3d9874f)

Bug Fixes

• Add shopt -s nullglob to dependencies script (#​693) (c5aa708)
• Update dependencies.sh to not break on mac (c5aa708)

v0.27.0

Features

• add Id token support for UserCredentials (#​650) (5a8f467)
• add impersonation credentials to ADC (#​613) (b9823f7)
• Adding functional tests for Service Account (#​685) (dfe118c)
• allow scopes for self signed jwt (#​689) (f4980c7)

v0.26.0

Features

• add gcf-owl-bot[bot] to ignoreAuthors (#​674) (359b20f)
• added getter for credentials object in HttpCredentialsAdapter (#​658) (5a946ea)
• enable pre-emptive async oauth token refreshes (#​646) (e3f4c7e)
• Returning an issuer claim on request errors (#​656) (95d70ae)

Bug Fixes

• use orginal url as audience for self signed jwt if scheme or host is null (#​642) (b4e6f1a)

0.25.5 (2021-04-22)

Dependencies

• update autovalue to 1.8.1 (#​638) (62cd356)

0.25.4 (2021-04-15)

Bug Fixes

• release scripts from issuing overlapping phases (#​634) (b8d851e)
• typo (#​632) (d860608)

0.25.3 (2021-04-12)

Dependencies

• update guava patch (#​628) (8ff3207)

0.25.2 (2021-03-18)

Bug Fixes

• follow up fix service account credentials createScopedRequired (#​605) (7ddac43)
• support AWS_DEFAULT_REGION env var (#​599) (3d066ee)

0.25.1 (2021-03-18)

Bug Fixes

• fix service account credentials createScopedRequired (#​601) (0614482)

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.2-sp.1

Features

• configure initial sp version (#​666) (50ffd14)

v0.25.1

v0.25.0

Features

• add self signed jwt support (#​572) (efe103a)

0.24.1 (2021-02-25)

Dependencies

• update dependency com.google.http-client:google-http-client-bom to v1.39.0 (#​580) (88718b0)

v0.24.1

v0.24.0

Features

• add workload identity federation support (#​547) (b8dde1e)

Bug Fixes

• don't log downloads (#​576) (6181030)

Documentation

• add instructions for using workload identity federation (#​564) (2142db3)

v0.23.0

⚠ BREAKING CHANGES

• privatize deprecated constructor (#​473)

Features

• allow custom lifespan for impersonated creds (#​515) (0707ed4)
• allow custom scopes for compute engine creds (#​514) (edc8d6e)
• allow set lifetime for service account creds (#​516) (427f2d5)
• promote IdToken and JWT features (#​538) (b514fe0)

Bug Fixes

• per google style, logger is lower case (#​529) (ecfc6a2)
• privatize deprecated constructor (#​473) (5804ff0)
• remove deprecated methods (#​537) (427963e)
• replace non-precondition use of Preconditions (#​539) (f2ab4f1)
• switch to GSON (#​531) (1b98d5c)
• use default timeout if given 0 for ImpersonatedCredentials (#​527) (ec74870)

Dependencies

• update dependency com.google.appengine:appengine-api-1.0-sdk to v1.9.84 (#​422) (b262c45)
• update dependency com.google.guava:guava to v30.1-android (#​522) (4090d1c)

Documentation

• fix wording in jwtWithClaims Javadoc (#​536) (af21727)

0.22.2 (2020-12-11)

Bug Fixes

• quotaProjectId should be applied for cached getRequestMetadata(URI, Executor, RequestMetadataCallback) (#​509) (0a8412f)

0.22.1 (2020-11-05)

Bug Fixes

• remove 1 hour limit for impersonated token (#​490) (927e3d5)

Dependencies

• update dependency com.google.guava:guava to v30 (#​497) (0551649)
• update dependency com.google.http-client:google-http-client-bom to v1.38.0 (#​503) (46f20bc)

v0.22.2

v0.22.1

[`v0.2

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.